Recently I came across a thread on reddit where the OP mentioned that self hosting a password manager on raspberry Pi is a risky idea because you have to trust the hardware on which the device is running which most likely would be a microSD card.
This led me to think about the pros and cons of self-hosting password managers on-premises. So I started a discussion on r/selfhosted ↗️.
Several insightful responses from the community shed light on the pros and cons of this approach. Let’s explore their perspectives and dive into the heart of the matter: should you self-host your password manager on-premises?
This is my attempt to summarise the overall sentiment of the discussion since its quite long.
But if you are curious and have some extra time in hand, I would highly suggest you to read the entire thread.
The entire discussion can be found here ↗️.
Author: NecessaryPleasant644 - Comment ↗️
One recurring theme among self-hosters is the importance of robust backup strategies. It’s a common belief that if you’re going down the self-hosting path, you better have your backup game strong.
Regular automated backups and offsite copies are key to safeguarding your password vault. It’s like having insurance for your digital credentials.
Author: weaseldum - Comment ↗️
Some users opt for self-hosted solutions like KeepassXC ↗️, taking advantage of their personal NAS.
These solutions offer not just security but also redundancy. By using encryption and caching, you can ensure that even if your self-hosted system goes down temporarily, you can still access your passwords.
Plus, it works smoothly across various platforms, making it a versatile choice. However the OP mentioned that they don’t like any of the available iphone clients.
Author: sassdrew501 - Comment ↗️
Venturing into self-hosting can be an educational adventure. Even if you end up not self-hosting it, it’s an interesting opportunity to enhance your skills in system architecture and data resilience.
I learned about the 3-2-1 backup strategy which states that you should have 3 copies of your data (your actual data and then two copies of it), two different types of storage medias (This could be like an external hard drive or a usb) and, 1 off-site (that way if your house burns down you still have that copy to restore from)
Author: tyroswork - Comment ↗️
One factor to keep in mind is the near 100% uptime you need to maintain. While self-hosting offers control, it also means you’re at the mercy of your ISP’s reliability.
Losing access to your passwords due to an ISP outage can be a frustrating experience.
However, one thing to note is that if you are self-hosting bitwarden or vaultwarden, the clients for these creates a local encrypted copy of your vault. So even if your server goes down, you can still access your passwords.
This was a general sentiment from many folks in the thread.
Storing backups in the cloud, like a secure S3 bucket, can be part of your strategy. It’s an offsite solution that can save your data in case of catastrophic local failures.
What you can do it if the the vault does not provide encrypted backup, you can encrypt the backup file yourself and upload it to any cloud storage provider like S3, Google Drive, R2 etc.
Again this was a general sentiment from many folks in the thread.
Some users admit they’d rather trust established cloud solutions than their own self-hosting abilities which is totally fair.
The cloud offers convenience and takes the burden of management off your shoulders. It’s a valid choice for those who prioritize simplicity and reliability over full control.
So, should you self-host your password manager on-premises? The answer depends on your level of tech-savviness, your appetite for managing backups and uptime, and your desire for control.
While self-hosting offers many advantages, including increased security and privacy, it comes with added responsibilities.
If you’re considering self-hosting, don’t do it blindly. Take a page from the homelab community’s book: prioritize backups, ensure redundancy, and be prepared for some technical tinkering.
However, if the idea of managing all this seems daunting, cloud-hosted password managers are a reasonable and reliable alternative.
In the end, it’s all about finding the balance between control and convenience that suits your needs.